In a recent Q&A with the Director of the Office of Civil Rights (OCR) Leon Rodriguez, government proves again that it is looking at privacy and security violations very seriously yet with a lot of common sense. In the Q&A, Rodriguez states that he expects that in “coming year will see a higher number of data breaches being reported, partly as a precipitate of an increase in data analytics and risk assessment procedures, entities that respond decisively and responsibly to data breaches most likely won't be the subject of monetary enforcement.” We believe that only through a solid working relationship between the government and the private sector can we efficiently and effectively tackle the challenges we face in the privacy and security arena.

In an effort to combat the exposure created by ever increasing electronification of health data, Patient Privacy Rights group sent a letter to the Office of Civil Rights to release a comprehensive guidance on cloud computing given that more and more health care entities are moving their health data to the “cloud”.

Here are round up of recent data breach announcements; Even Kaiser, considered by many as the darling of “paperless” health care, is under investigation for violating patient privacy. No corrective actions have been assessed but Kaiser should know better. The Hospice of North Idaho became the FIRST ever to settle and be FINED money ($50,000) for data breach violations under the HIPAA involving less than 500 patients. $140,000 fines were levied against a billing firm and four pathology practices in Massachusetts for HIPAA violations. Gibson General Hospital in Indiana announced a data breach involving 29,000 patients due to a stolen laptop. Louisiana State University’s health care services division notified more than 400 individuals in 12 states of data breach after an employee used their data to make counterfeit checks. Omnicell, provider of automated medication dispensing services, notified two healthcare systems that a loss of an Omnicell device containing 56,000 patient data has occurred. Kentucky Medicaid agency has notified more than 1,000 Medicaid patients of data breach due to a subcontractor falling for a scam that allowed inappropriate computer access. California Medi-Cal agency notified 2,600 Medi-Cal recipients that their Medi-Cal cards were mailed to wrong recipients due to a computer error.

Leave a Reply.

Author

Founded in 2010, eRECORDS, Inc. is a Health IT company that provides solutions to Healthcare Enterprises and Practices in helping providers achieve continuous quality and performance improvements. Our vision is to power innovations in healthcare delivery through connected technologies and intelligence. Our mission is to be the trusted expert, guide and partner in achieving meaningful use to make healthcare better, cheaper and accessible. For more information, visit www.eRecords.com